package org.zwy.gradetrack.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import org.zwy.gradetrack.common.Result;
import org.zwy.gradetrack.entity.RolePermission;
import org.zwy.gradetrack.service.RolePermissionService;

import java.util.List;
import java.util.Map;

/**
 * 角色权限关联控制器
 */
@RestController
@RequestMapping("/api/role-permissions")
public class RolePermissionController {
    
    private final RolePermissionService rolePermissionService;
    
    public RolePermissionController(RolePermissionService rolePermissionService) {
        this.rolePermissionService = rolePermissionService;
    }
    
    /**
     * 为角色分配权限
     */
    @PostMapping("/{roleId}/permissions")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<Boolean> assignPermissions(
            @PathVariable Long roleId,
            @RequestBody List<Long> permissionIds) {
        try {
            return Result.success(rolePermissionService.assignPermissions(roleId, permissionIds));
        } catch (Exception e) {
            return Result.error(500, "分配权限失败：" + e.getMessage());
        }
    }
    
    /**
     * 获取角色的权限ID列表
     */
    @GetMapping("/{roleId}/permission-ids")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<List<Long>> getPermissionIdsByRoleId(@PathVariable Long roleId) {
        return Result.success(rolePermissionService.getPermissionIdsByRoleId(roleId));
    }
    
    /**
     * 获取角色的权限列表
     */
    @GetMapping("/{roleId}/permissions")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<List<RolePermission>> getPermissionsByRoleId(@PathVariable Long roleId) {
        return Result.success(rolePermissionService.getPermissionsByRoleId(roleId));
    }
    
    /**
     * 检查角色是否拥有指定权限
     */
    @GetMapping("/{roleId}/has-permission/{permissionId}")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<Boolean> hasPermission(
            @PathVariable Long roleId,
            @PathVariable Long permissionId) {
        return Result.success(rolePermissionService.hasPermission(roleId, permissionId));
    }
    
    /**
     * 移除角色的所有权限
     */
    @DeleteMapping("/{roleId}/permissions")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<Boolean> removeAllPermissions(@PathVariable Long roleId) {
        try {
            return Result.success(rolePermissionService.removeAllPermissions(roleId));
        } catch (Exception e) {
            return Result.error(500, "移除权限失败：" + e.getMessage());
        }
    }
    
    /**
     * 批量获取多个角色的权限ID列表
     */
    @PostMapping("/permission-ids")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<Map<Long, List<Long>>> getPermissionIdsByRoleIds(@RequestBody List<Long> roleIds) {
        return Result.success(rolePermissionService.getPermissionIdsByRoleIds(roleIds));
    }
    
    /**
     * 批量检查角色是否拥有指定权限
     */
    @PostMapping("/has-permission/{permissionId}")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<Map<Long, Boolean>> hasPermissions(
            @RequestBody List<Long> roleIds,
            @PathVariable Long permissionId) {
        return Result.success(rolePermissionService.hasPermissions(roleIds, permissionId));
    }
    
    /**
     * 批量移除多个角色的所有权限
     */
    @DeleteMapping("/permissions")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<Boolean> removeAllPermissionsBatch(@RequestBody List<Long> roleIds) {
        try {
            return Result.success(rolePermissionService.removeAllPermissionsBatch(roleIds));
        } catch (Exception e) {
            return Result.error(500, "批量移除权限失败：" + e.getMessage());
        }
    }
    
    /**
     * 获取拥有指定权限的角色ID列表
     */
    @GetMapping("/permission/{permissionId}/roles")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<List<Long>> getRoleIdsByPermissionId(@PathVariable Long permissionId) {
        return Result.success(rolePermissionService.getRoleIdsByPermissionId(permissionId));
    }
    
    /**
     * 批量获取拥有指定权限的角色ID列表
     */
    @PostMapping("/permission/roles")
    @PreAuthorize("hasRole('SYSTEM_ADMIN')")
    public Result<Map<Long, List<Long>>> getRoleIdsByPermissionIds(@RequestBody List<Long> permissionIds) {
        return Result.success(rolePermissionService.getRoleIdsByPermissionIds(permissionIds));
    }
} 